Mercurial > repos > other > Puppet

diff modules/website/manifests/init.pp @ 133:9337c9ce648a puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Switch to using LetsEncrypt certs by default
author IBBoard <dev@ibboard.co.uk>
date Fri, 11 Nov 2016 17:15:23 +0000
parents 95502bafeaa3
children b3f6c7a910d0
line wrap: on
line diff
--- a/modules/website/manifests/init.pp	Fri Nov 04 20:55:22 2016 +0000
+++ b/modules/website/manifests/init.pp	Fri Nov 11 17:15:23 2016 +0000
@@ -1,7 +1,6 @@
 class website(
   $base_dir,
   $cert_dir           = '/etc/pki/custom',
-  $ssl_chain          = 'ca-chain.pem',
   $primary_ip,
   $secondary_ip,
   $default_owner,
@@ -20,7 +19,7 @@
   $certdir = $cert_dir
   $docroot_owner = $default_owner
   $docroot_group = $default_group
-  $ca_chain = $ssl_chain
+  $ca_chain = "/etc/letsencrypt/live/${::fqdn}/chain.pem"
   $tld = $default_tld
   $extra_tlds = $default_extra_tlds
   $htmlphpfragment = "Include conf.extra/html-php.conf"
@@ -111,5 +110,10 @@
       require => Package['policycoreutils-python'],
       unless  => 'semanage fcontext --list | grep "/srv/sites\\(/\\.\\*\\)\\?"',
     }
+    cron { 'letsencrypt-renewal':
+      command => '/usr/bin/certbot renew --quiet',
+      hour => '*/12',
+      minute => '21',
+    }
   }
 }